Cybersecurity

5540 readers

146 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

Windows Critical Vulnerability: CVE-2024-38063 (www.cybermaxx.com)

submitted 2 months ago by pnutzh4x0r@lemmy.ndlug.org to c/cybersecurity@sh.itjust.works

4 comments fedilink hide all child comments

cross-posted from: https://lemmy.ndlug.org/post/1002763

A critical vulnerability has been identified in the Windows TCP/IP Stack that allows for unauthenticated RCE. No user interaction is required, making this a zero-click vulnerability. This vulnerability affects all supported versions of Windows and Windows Servers.

This remote code vulnerability enables an unauthenticated attacker to repeatedly send IPv6 packets, that include specially crafted packets, to a Windows machine which could enable remote code execution. Microsoft has released urgent security patches and recommends to install these asap.

It has been assigned a CVSS score of 9.8. With a low complexity to exploit, can be performed unauthenticated and exploited remotely. Successful exploitation leads to SYSTEM level execution on the target endpoint.

From CVE 2024 38063

The following mitigating factors might be helpful in your situation: Systems are not affected if IPv6 is disabled on the target machine.

you are viewing a single comment's thread
view the rest of the comments

[–] Rhaedas@fedia.io 5 points 2 months ago (1 children)

Any idea on when this will be pushed to the updates? I looked up the manual link and there's 12 to pick from for my Win10, so I'm a bit cautious. Guess just turning off IPv6 is the best thing for now.

[–] pnutzh4x0r@lemmy.ndlug.org 3 points 2 months ago (1 children)

Based on what I can tell (I don't usually use Windows), a patch was released on August 13th. As long as you are current with your Windows Updates, this shouldn't be an issue.

[–] Rhaedas@fedia.io 2 points 2 months ago

First thing I did was look at updates, both if there was something pending and in the history. There was a quality update on the 13th, but it mentions nothing specific about patching any vulnerabilities. I've got IPv6 off for all adapters now, so I'll wait to see if anything more develops.

At this point in my life I can probably move over to Linux, as I don't play much games anyway and don't have to use Office stuff. I'm just lazy. But I suppose when LTS expires (in Nov I think) I might go that route.